package com.caifenglin.action.login;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;

@Controller
@RequestMapping("loginAction")
public class LoginAction {

	@RequestMapping("/login")
	public String loginForm(@RequestParam("username") String username, @RequestParam("password") String password) {
		// 1、创建Subject实例
		Subject currentUser = SecurityUtils.getSubject();
		
		// 2、需要去判断当前用户是否登录
		if(currentUser.isAuthenticated() == false) {
			// 3、将用户名和密码封装到指定的对象当中UsernamePasswordToken
			UsernamePasswordToken token = new UsernamePasswordToken(username, password);
			try {
				// 4、完成身份的认证
				currentUser.login(token);
			} catch (AuthenticationException e) {
				System.out.println("登录失败········");
				return "fail";
			}
		}
		
		return "success";
	}
}
